fnp / edumed.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
workaround bug in django (newlines in http headers, https://code.djangoproject.com...
[edumed.git] / stage2 / views.py
diff --git a/stage2/views.py b/stage2/views.py
index 974e375..6b04a57 100644 (file)
--- a/stage2/views.py
+++ b/stage2/views.py
@@ -54,7 +54,8 @@ def upload(request, assignment_id, participant_id, key):
 def attachment_download(attachment):
     response = HttpResponse(content_type='application/force-download')
     response.write(attachment.file.read())
-    response['Content-Disposition'] = 'attachment; filename="%s"' % attachment.filename()
+    base, ext = attachment.filename().rsplit('.', 1)
+    response['Content-Disposition'] = 'attachment; filename="%s.%s"' % (base[:10].replace('\n', ''), ext)
     response['Content-Length'] = response.tell()
     return response
 
@@ -75,7 +76,7 @@ def get_file(request, assignment_id, file_no, participant_id, key):
 def assignment_list(request):
     assignments = request.user.stage2_assignments.all()
     if not assignments:
-        return HttpResponseForbidden()
+        return HttpResponseForbidden('Not allowed')
     for assignment in assignments:
         assignment.marked_count = Mark.objects.filter(expert=request.user, answer__assignment=assignment).count()
         assignment.to_mark_count = assignment.available_answers(request.user).count()
@@ -109,7 +110,7 @@ def available_answers(assignment, expert, answer_with_errors=None, form_with_err
 def answer_list(request, assignment_id):
     assignment = get_object_or_404(Assignment, id=assignment_id)
     if request.user not in assignment.experts.all():
-        return HttpResponseForbidden()
+        return HttpResponseForbidden('Not allowed')
     return render(request, 'stage2/answer_list.html',
                   {'answers': available_answers(assignment, request.user), 'assignment': assignment})
 
@@ -118,7 +119,7 @@ def answer_list(request, assignment_id):
 def marked_answer_list(request, assignment_id):
     assignment = get_object_or_404(Assignment, id=assignment_id)
     if request.user not in assignment.experts.all():
-        return HttpResponseForbidden()
+        return HttpResponseForbidden('Not allowed')
     return render(request, 'stage2/answer_list.html', {
         'answers': available_answers(assignment, request.user, marked=True),
         'assignment': assignment,
@@ -137,9 +138,9 @@ def expert_download(request, attachment_id):
 def mark_answer(request, answer_id):
     answer = get_object_or_404(Answer, id=answer_id)
     if request.user not in answer.assignment.experts.all():
-        return HttpResponseForbidden()
+        return HttpResponseForbidden('Not allowed')
     if answer.assignment.is_active():
-        return HttpResponseForbidden()
+        return HttpResponseForbidden('Not allowed')
     mark, created = Mark.objects.get_or_create(answer=answer, expert=request.user, defaults={'points': 0})
     form = MarkForm(data=request.POST, answer=answer, instance=mark, prefix='ans%s' % answer.id)
     if form.is_valid():